Skip to content

Update login page route #1603

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Merged
merged 15 commits into from
Jun 18, 2025
Merged

Update login page route #1603

merged 15 commits into from
Jun 18, 2025

Conversation

Rajgupta36
Copy link
Collaborator

Update auth route

@coderabbitai coderabbitai
Copy link
Contributor

coderabbitai bot commented Jun 13, 2025
edited
Loading

Important

Review skipped

Auto reviews are disabled on base/target branches other than the default branch.

Please check the settings in the CodeRabbit UI or the .coderabbit.yaml file in this repository. To trigger a single review, invoke the @coderabbitai review command.

You can disable this status message by setting the reviews.review_status to false in the CodeRabbit configuration file.

✨ Finishing Touches
🧪 Generate Unit Tests
  • Create PR with Unit Tests
  • Post Copyable Unit Tests in Comment

Thanks for using CodeRabbit! It's free for OSS, and your support helps us grow. If you like it, consider giving us a shout-out.

❤️ Share
🪧 Tips

Chat

There are 3 ways to chat with CodeRabbit:

  • Review comments: Directly reply to a review comment made by CodeRabbit. Example:
    • I pushed a fix in commit <commit_id>, please review it.
    • Explain this complex logic.
    • Open a follow-up GitHub issue for this discussion.
  • Files and specific lines of code (under the "Files changed" tab): Tag @coderabbitai in a new review comment at the desired location with your query. Examples:
    • @coderabbitai explain this code block.
    • @coderabbitai modularize this function.
  • PR comments: Tag @coderabbitai in a new PR comment to ask questions about the PR branch. For the best results, please provide a very specific query, as very limited context is provided in this mode. Examples:
    • @coderabbitai gather interesting stats about this repository and render them as a table. Additionally, render a pie chart showing the language distribution in the codebase.
    • @coderabbitai read src/utils.ts and explain its main purpose.
    • @coderabbitai read the files in the src/scheduler package and generate a class diagram using mermaid and a README in the markdown format.
    • @coderabbitai help me debug CodeRabbit configuration file.

Support

Need help? Create a ticket on our support page for assistance with any issues or questions.

Note: Be mindful of the bot's finite context window. It's strongly recommended to break down tasks such as reading entire modules into smaller chunks. For a focused discussion, use review comments to chat about specific files and their changes, instead of using the PR comments.

CodeRabbit Commands (Invoked using PR comments)

  • @coderabbitai pause to pause the reviews on a PR.
  • @coderabbitai resume to resume the paused reviews.
  • @coderabbitai review to trigger an incremental review. This is useful when automatic reviews are disabled for the repository.
  • @coderabbitai full review to do a full review from scratch and review all the files again.
  • @coderabbitai summary to regenerate the summary of the PR.
  • @coderabbitai generate docstrings to generate docstrings for this PR.
  • @coderabbitai generate sequence diagram to generate a sequence diagram of the changes in this PR.
  • @coderabbitai auto-generate unit tests to generate unit tests for this PR.
  • @coderabbitai resolve resolve all the CodeRabbit review comments.
  • @coderabbitai configuration to show the current CodeRabbit configuration for the repository.
  • @coderabbitai help to get help.

Other keywords and placeholders

  • Add @coderabbitai ignore anywhere in the PR description to prevent this PR from being reviewed.
  • Add @coderabbitai summary to generate the high-level summary at a specific location in the PR description.
  • Add @coderabbitai anywhere in the PR title to generate the title automatically.

Documentation and Community

  • Visit our Documentation for detailed information on how to use CodeRabbit.
  • Join our Discord Community to get help, request features, and share feedback.
  • Follow us on X/Twitter for updates and announcements.

kasya
kasya previously approved these changes Jun 15, 2025
View reviewed changes
Copy link
Collaborator

@kasya kasya left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This works great 👍🏼

Separate request though - could we hide the Sign in button if there's no NEXT_SERVER_GITHUB_CLIENT_ID in the .env? This way it will be safe to deploy to prod before we set up this whole thing for production.

@Rajgupta36
Copy link
Collaborator Author

This works great 👍🏼

Separate request though - could we hide the Sign in button if there's no NEXT_SERVER_GITHUB_CLIENT_ID in the .env? This way it will be safe to deploy to prod before we set up this whole thing for production.

We want but we can't . It's a security concern if we expose our github credentials on client side .

@arkid15r
Copy link
Collaborator

arkid15r commented Jun 15, 2025
edited by Rajgupta36
Loading

This works great 👍🏼
Separate request though - could we hide the Sign in button if there's no NEXT_SERVER_GITHUB_CLIENT_ID in the .env? This way it will be safe to deploy to prod before we set up this whole thing for production.

We want but we can't . It's a security concern if we expose our github credentials on client side .

Why do you need to expose it on the client side? Why can't you have a similar flag indicating the github app presence on the server. It doesn't sound like impossible task to me (like the way you put it in your response).

The problem here is that we can't show the sign in button to users until it's all ready in prod. The alternative here is to use the feature branch.

@Rajgupta36
Copy link
Collaborator Author

This works great 👍🏼
Separate request though - could we hide the Sign in button if there's no NEXT_SERVER_GITHUB_CLIENT_ID in the .env? This way it will be safe to deploy to prod before we set up this whole thing for production.

We want but we can't . It's a security concern if we expose our github credentials on client side .

Why do you need to expose it on the client side? Why can't you have a similar flag indicating the github app presence on the server. It doesn't sound like impossible task to me (like the way you put it in your response).

The problem here is that we can't show the sign in button to users until it's all ready in prod. The alternative here is to use the feature branch.

You're right. I didn't mean to imply it's impossible. we can definitely handle this by introducing a new flag that's scoped to both the client and server side. This would let us hide the sign-in button until everything is ready in production.

@github-actions github-actions bot added the ci label Jun 16, 2025
@Rajgupta36 Rajgupta36 requested a review from kasya June 16, 2025 19:17
@Rajgupta36
Copy link
Collaborator Author

Screenshot from 2025-06-16 23-51-39
when auth is disabled

@github-actions github-actions bot removed the ci label Jun 18, 2025
@arkid15r
Copy link
Collaborator

@Rajgupta36 could you test the new code @kasya added?

@Rajgupta36
Copy link
Collaborator Author

@Rajgupta36 could you test the new code @kasya added?

amazing ,It's working

@arkid15r arkid15r enabled auto-merge (squash) June 18, 2025 17:53
arkid15r
arkid15r approved these changes Jun 18, 2025
View reviewed changes
Copy link
Collaborator

@arkid15r arkid15r left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

LGTM
@kasya @Rajgupta36 thanks for adding this!

@sonarqubecloud SonarQubeCloud
Copy link

Quality Gate Passed Quality Gate passed

Issues
0 New issues
0 Accepted issues

Measures
0 Security Hotspots
0.0% Coverage on New Code
0.0% Duplication on New Code

See analysis details on SonarQube Cloud

@arkid15r arkid15r merged commit 55e9072 into OWASP:feature/contributor-hub Jun 18, 2025
20 checks passed
github-merge-queue bot pushed a commit that referenced this pull request Jun 20, 2025
@arkid15r @Rajgupta36
@kasya @dependabot @rishyym0927 @bandhan-majumder @ahmedxgouda
Implement OWASP Nest GitHub authentication (#1634)
5e46513 
* Implemented Authentication using nextauth (#1512)

* implemented authentication using next-auth

* update code

* type fix

* updated migration

* added backend test cases

* added frontend unit test cases

* added e2e test case

* pre-commit

* fixes e2e test cases

* updated ci/cd

* updated code

* upgraded mutaitons from graphene to strawberry

* updated code

* Update code

* Update tests

* fixes

* fix test

* added relation

* Update code

* Update pnpm-lock.yaml

---------

Co-authored-by: Kate Golovanova <[email protected]>
Co-authored-by: Arkadii Yakovets <[email protected]>
Co-authored-by: Arkadii Yakovets <[email protected]>

* Run make update

* Bump python from 3.13.3-alpine to 3.13.4-alpine in /backend/docker (#1556)

Bumps python from 3.13.3-alpine to 3.13.4-alpine.

---
updated-dependencies:
- dependency-name: python
  dependency-version: 3.13.4-alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump python from 3.13.3-alpine to 3.13.4-alpine in /schema/docker (#1557)

Bumps python from 3.13.3-alpine to 3.13.4-alpine.

---
updated-dependencies:
- dependency-name: python
  dependency-version: 3.13.4-alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Bump python from 3.13.3-alpine to 3.13.4-alpine in /docs/docker (#1559)

Bumps python from 3.13.3-alpine to 3.13.4-alpine.

---
updated-dependencies:
- dependency-name: python
  dependency-version: 3.13.4-alpine
  dependency-type: direct:production
  update-type: version-update:semver-patch
...

Signed-off-by: dependabot[bot] <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>

* Run make update

* docs: add Next.js to tech stack after migration (#1565)

* Update CONTRIBUTING.md

* Update CONTRIBUTING.md

---------

Co-authored-by: Arkadii Yakovets <[email protected]>

* Update event sync process: fix KeyError 'start-date'

* Run make update

* Add test coverage for `csrf.py` (#1564)

* Add test coverage for csrf.py

Signed-off-by: bandhan-majumder <[email protected]>

* Update code

---------

Signed-off-by: bandhan-majumder <[email protected]>
Co-authored-by: Arkadii Yakovets <[email protected]>

* Update frontend/pnpm-lock.yaml

* Fix Authentication related bugs (#1569)

* handle empty auth credentials

* update test cases

* upgrade code

* update code

* remove check route

* fix test case

* fixes and update usermenu

---------

Co-authored-by: Arkadii Yakovets <[email protected]>

* Merge main

* Migrate frontend checks to local environment

* Update login page route (#1603)

* fix route

* format fix

* introduce flag for auth

* update env

* changed default value

* fix test cases

* fix e2 test cases

* Add dynamic variable for isAuthEnabled

* Clean up

* Clean up and fix tests

* Update code

* Fix code quality issues

---------

Co-authored-by: Arkadii Yakovets <[email protected]>
Co-authored-by: Kate <[email protected]>
Co-authored-by: Arkadii Yakovets <[email protected]>

* Implement GraphQL resolvers for project health metrics (#1577)

* Add project_health_metrics node and query

* Add health field to the ProjectNode that represents sll ProjectHealthMetrics objects of the project

* Add tests

* Update filtering and add fields to models

* Update filtering

* Update tests

* Save new boolean values

* Add boolean mapping

* Add query tests

* Merge migrations

* Update filtering, add migrations, and update scripts

* Update tests and queries

* Add test with filters

* Update filtering

* Update tests

* Merge migrations

* Revert unnecessary work and apply suggestions

* Remove has_no_recent_commits from project

* Add missing fields for FE query

* Remove project name from the test

* Clean migrations

* Update code

---------

Co-authored-by: Arkadii Yakovets <[email protected]>

* Fix test cases and update code (#1635)

* update code

* fix test case

* Update middleware.test.ts

* Update code

* Update code

* Update docker configuration

* Update deps

---------

Signed-off-by: dependabot[bot] <[email protected]>
Signed-off-by: bandhan-majumder <[email protected]>
Co-authored-by: Raj gupta <[email protected]>
Co-authored-by: Kate Golovanova <[email protected]>
Co-authored-by: dependabot[bot] <49699333+dependabot[bot]@users.noreply.github.com>
Co-authored-by: RISHIRAJ MUKHERJEE <[email protected]>
Co-authored-by: Bandhan Majumder <[email protected]>
Co-authored-by: Ahmed Gouda <[email protected]>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@arkid15r arkid15r arkid15r approved these changes

@kasya kasya Awaiting requested review from kasya

Assignees
No one assigned
Labels
frontend frontend-tests
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
3 participants
@Rajgupta36 @arkid15r @kasya